// find all (possible) memory overflows in
// "f", assuming that "f" is called from
// "driver" (or a function with similar
// allocation behavior). You can assume
// that "d" is a 0-terminated string.
//
// For each potential overflow, give an
// example input that would trigger the
// problem (for extra points).
//
// Note that if you claim that a buffer
// overflow exists on lines that are
// ok, you will lose points.
//
// Reviewer notes (answer key, keyed to the calls below). Under the
// stated assumption, "c" is a malloc()'d buffer of exactly "clen"
// bytes whose contents are uninitialized on entry. Byte counts below
// include the NUL terminator wherever one is written.
static int f(char * c, unsigned int clen, const char * d) {
    // (1) strlen(c) scans uninitialized heap memory until it finds a
    //     NUL: an over-read whenever no NUL happens to lie inside the
    //     clen bytes (and reading uninitialized memory is undefined
    //     regardless).
    // (2) strcpy() writes strlen(d)+1 bytes and never looks at clen:
    //     overflow whenever strlen(d) >= clen.
    //     Example: size=4, d="Hello" -- 6 bytes into a 4-byte buffer,
    //     reached whenever the garbage in c reads as a string shorter
    //     than 5 chars (e.g. a leading NUL byte).
    if (strlen(c) < strlen(d))
        strcpy(c, d);
    // OK: strlen("Hello World") is 11, so the branch needs clen > 22,
    // i.e. clen >= 23. The two copies produce 22 chars + NUL = 23 bytes,
    // which fits exactly. Flagging this block is the "lines that are
    // ok" trap mentioned above.
    if (clen > strlen("Hello World") * 2) {
        strcpy(c, "Hello World");
        strcat(c, "Hello World");
    }
    // No overflow: the write is 5 bytes and the guard guarantees
    // clen >= 5. But strncpy() with n == strlen("World") writes no NUL
    // terminator, so c is left unterminated when clen == 5 (and
    // whenever c[5..clen-1] happens to contain no NUL).
    if (clen >= strlen("Hello"))
        strncpy(c, "World", 5);
    // (3) "%s" reads c until a NUL: over-read whenever c is
    //     unterminated (see strncpy above, or clen < 5 with the strcpy
    //     branch not taken, in which case c is still raw garbage).
    //     Example: size=5, d="" -- strlen(c) < 0 is never true, so the
    //     strcpy branch is skipped; strncpy fills all 5 bytes with
    //     "World" and no terminator lies inside the buffer.
    printf("%s %s", c, d);
    // OK: writes c[1]..c[5] and the guard guarantees clen >= 6.
    if (clen >= 6)
        memcpy(&c[1], "Hello", 5);
    // (4) d = c+5, so &d[-2] == &c[3]. Forming c+5 is already undefined
    //     for clen < 5 (more than one past the end), and reading from
    //     c+3 is out of bounds for clen <= 3. Note "%3s" is a minimum
    //     field width, not a length limit ("%.3s" would be), so
    //     printf() reads from c+3 until a NUL: over-read whenever no
    //     terminator lies in c[3..clen-1].
    //     Examples: size=1, d="" (both pointers past the allocation);
    //     size=6, d="" (c == "WHello" after the memcpy, no NUL in
    //     bounds, so the read runs past c[5]).
    d = &c[5];
    printf("%3s", &d[-2]);
    // (5) gets() has no bound at all: a stdin line of clen or more
    //     characters overflows c for every possible clen (the line
    //     plus its NUL needs clen+1 bytes). gets() also returns NULL on
    //     EOF/error, and that NULL is dereferenced here.
    //     Example: any size, stdin line longer than size-1 characters.
    return *gets(c);
}

// Allocates "size" bytes and passes them to f() with "size" as the
// bound. The malloc() result is not checked -- it is NULL on failure,
// and for size == 0 it is implementation-defined (NULL or a pointer
// that must not be dereferenced) -- and the memory is never
// initialized, which is what makes the first strlen(c) in f() read
// garbage.
int driver(unsigned int size, const char * d) {
    char * c = malloc(size);
    int ret = f(c, size, d);
    free(c);
    return ret;
}